VPN Foundation Question

[Kitsap]

I want to setup a virtual private network (VPN) so I can remotely access IP cameras on my home network and not put the network or items connected to it in jeopardy.

Access to the internet is via a cable gateway which is a combination modem, wireless router, and phone multimedia terminal. This particular one is made by Cisco and it replaced a previous combination modem and phone adapter a few weeks ago. At this time the new gateway is in bridge mode and it feeds a wireless router that does not support VPN. Bridge mode on the gateway disables both the router and Wi-Fi functions.

The four Ethernet ports on the existing router are full and multiple devices connect over both the 2.4 and 5 GHz Wi-Fi bands.

The question is what are the details to look for to purchase the building blocks required to set up the VPN? Also what is the order of connection? Do you go from the gateway to a router then to a POE switch or do you go from the gateway to the switch then to the router? I would like to accommodate the current connected devices and leave room for growth. Possibly a NVR.

 

[bp2008]

Technically a VPN server can be anywhere on your network, as long as it is on "the private side" of your router. The router is just a convenient place to put it (when it is possible) because it is energy efficient and always running anyway.

What is your current wireless router make and model? It may be compatible with 3rd-party firmware like Tomato or DD-WRT, which you can get with VPN support built in.

 

[Kitsap]

What is your current wireless router make and model? It may be compatible with 3rd-party firmware like Tomato or DD-WRT, which you can get with VPN support built in.

It is a Western Digital AC 1300

 

[bp2008]

Looks like that one doesn't support 3rd party firmware.

If you have an always-on computer in the house, you could install OpenVPN on it, and use that as your VPN server.

Otherwise, there are a few choices of router you could try. Ubiquiti EdgeRouter X is only $50-60 on amazon.com and it is a really good one. Kind of complex though. It is a bit over my head even. I'm currently running an Asus RT-AC68U at home with Tomato by Shibby for the firmware. I like Tomato firmware because it has a really clean interface for most things, and most configuration changes don't require a reboot or even a noticeable interruption to connectivity.

 

[Kitsap]

Thank you. I am working to get my mind around the terminology and the basic configurations. Part of the learning process.

I had expected the existing router would need to be replaced.

 

[bp2008]

You can still use your existing router for wifi, by just turning off its DHCP and changing its LAN address so it doesn't conflict with your new router. That basically turns it into a wifi access point. Of course, unless you buy an ubiquiti router, then chances are whatever you do buy will have wifi of its own.

 

[Kitsap]

You can still use your existing router for wifi, by just turning off its DHCP and changing its LAN address so it doesn't conflict with your new router. That basically turns it into a wifi access point. Of course, unless you buy an ubiquiti router, then chances are whatever you do buy will have wifi of its own.

There is only so much room for gear on a computer desk and side table. I have been looking at some Netgear offerings as a replacement. They have an AC 1900 that offers a lot of flexibility.